fkie_cve-2025-4663
Vulnerability from fkie_nvd
Published
2025-07-08 18:15
Modified
2025-07-10 13:18
Severity ?
6.8 (Medium) - CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a could allow an authenticated, network-based attacker to cause a Denial-of-Service (DoS). The vulnerability is encountered when supportsave is invoked remotely, using ssh command or SANnav inline ssh, and the corresponding ssh session is terminated with Control C (^c ) before supportsave completion. This issue affects Brocade Fabric OS 9.0.0 through 9.2.2
References
sirt@brocade.comhttps://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35815
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Improper Check for Unusual or \nExceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a\n could allow an authenticated, network-based attacker to cause a \nDenial-of-Service (DoS).\nThe\n vulnerability is encountered when supportsave is invoked remotely, \nusing ssh command or SANnav inline ssh, and the corresponding ssh \nsession is terminated with Control C (^c ) before supportsave \ncompletion.\nThis issue affects Brocade Fabric OS 9.0.0 through 9.2.2"
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de Comprobaci\u00f3n Incorrecta de Condiciones Inusuales o Excepcionales en Brocade Fabric OS anterior a la versi\u00f3n 9.2.2.a podr\u00eda permitir que un atacante autenticado basado en la red provoque una Denegaci\u00f3n de Servicio (DoS). La vulnerabilidad se detecta cuando se invoca supportave remotamente mediante el comando ssh o SANnav inline ssh, y la sesi\u00f3n ssh correspondiente se finaliza con Control C (^c) antes de que se complete supportave. Este problema afecta a Brocade Fabric OS 9.0.0 a 9.2.2."
    }
  ],
  "id": "CVE-2025-4663",
  "lastModified": "2025-07-10T13:18:53.830",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "ADJACENT",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "sirt@brocade.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-08T18:15:39.507",
  "references": [
    {
      "source": "sirt@brocade.com",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35815"
    }
  ],
  "sourceIdentifier": "sirt@brocade.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "sirt@brocade.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.